Him, an adventurer, CISO, soldier, Marine, law officer, author, professor, spy, yachty, motorcyclist, photographer. Her, was the church lady librarian, got divorced, joined a motorcycle gang, became a hacker, and world adventurer.

Main menu

Category: Information Assurance and Security

by Samuel Liles • November 19, 2018 • Comments Off on Socrates and the Consensus Leader

“You’re always telling me what to do!” “You never tell me what to do!” “You’re to lazy to actually lead!” A subordinate in a stressful situation can make a lot of allegations but the root of the problem may…

If you don’t have a successful information security program don’t waste your dollars or time on threat hunting until you can secure what you own first. There has been much ink spilled on threat hunting in the network. Even the…

So you’re a new CISO and you just arrived at the organization. What should your personal interaction project plan look like? I tell CISO’s that they should plan on a few days to simply spin up their technology, get their…

This is more from my noisy search for my next windmill to tilt at in what will be the great success of helping an organization become more resilient, capable, and respected for the information security posture they exhibit. I like…

Lots of snark talk from the military types out there. I understand it, but don’t have to agree with it. Over the weekend Military Times put out an article that above the fold states. Defense Secretary Ash Carter wants to…

I’m a senior executive, a subject matter expert, and an influential strategic leader in cyber security. Why would I always be looking for a job, why would I always be keeping my ear to the ground, and why would I…

I’ve been asked to talk about a variety of topics. This particular topic was a strategic look at three policy changes that might degrade, deter, or disrupt adversary capability in cyberspace. NDU IRMC 2016 Presentation (PPT)

Quick hit on some things for reading up on control system security. One of my favorites is Kurtz, R., (2006) “Securing SCADA Systems” this particular book is older, but it has a great section on comparing ICS security protocols. Meant…

I’ve hired a lot of people. Between academia, government, and industry I’ve been on hundreds of hiring boards. I’ve been junior enough to be a primary assessor and senior enough to rate other peoples skill at hiring. I like building…

After reading the first third of “Disrupted; My Misadventure in the startup bubble” by Dan Lyons I realized that I had been marketing myself all wrong. Hiring managers like the little-emperors of China want happy, go-lucky, youthful, soft individuals to…

Risk is made of disparate components that technologists inherently understand. Decision makers and corporate staff that are not necessarily smart in technology are often left flummoxed by the technobabble. As technologists and information security practitioners it is important to think…

You are a CIO or CISO looking at your next budget cycle. You know that there is way more threats operating on innumerable vulnerabilities than you can afford to mitigate. How best to spend the often shrinking budget you have…

RSS Links

Cyber?

Cyber security and the technologies of securing the information enterprise of industry and government require a trans-disciplinary while still STEM focused research agenda. The term “cyber” itself denotes a human cognitive centric concept that deals with the disintermediation of technology centered within human activity. The changing focus from system threat mitigation to enterprise risk management has opened completely new areas of inquiry into security.